On June 17, 2024, the Department of Justice (“DOJ”) announced the latest settlement under its Civil Cyber-Fraud Initiative (“CCFI”) (previously discussed here).[1] The settlement resulted in a total of $11,300,000 in payments from two consulting companies (Guidehouse, Inc., the prime contractor, which paid $7,600,000; and Nan Kay and Associates, the subcontractor, which paid $3,700,000) to resolve allegations the two companies violated the False Claims Act by failing to meet cybersecurity requirements in federally-funded contracts.Continue Reading Latest Cyber-Related FCA Settlement Underscores the Breadth of DOJ’s Civil Cyber-Fraud Focus

In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit against Penn State University relating to allegations of non-compliance with Department of Defense (“DoD”) cybersecurity obligations. Separately, on September 5, 2023, the Department of Justice (“DOJ”) announced a multi-million dollar FCA settlement with Verizon under its Civil-Cyber Fraud Initiative (which focuses on leveraging the FCA to pursue cybersecurity related fraud by government contractors and grant recipients, as we previously discussed here). These and other cases suggest—as many had been speculating—that the number of enforcement actions and publicity associated with previously-sealed qui tam cases will continue to increase. They also signal that contractors and universities should brace for additional scrutiny and potential whistleblower claims in this area.Continue Reading Recent Cyber-Related False Claims Act Activity Signals Contractors and Universities Should Examine Their Cybersecurity Practices and Brace for an Uptick in Enforcement